f 



WEST Search Histo 

DATE: Wednesday, June 25, 2003 

Set Name Query Hit Count Set Name 

side by side result set 

DB=USPT,PGPB,JPAB,EPAB,DWPI, TDBD; THES=ASSIGNEE; 
PLUR=YES; OP=OR 

L9 L8 andj@Bd >=199903 27 ^ 34 L9 

ftf2A/tG/UJ2C\ TdH~ ((black$ adj box$) same (encrypts or decrypts)) and ((blackS adj 

box$) same ((privates or publicS) with key$)) 





39 L8 

. J. Q .nA /^fT^r ((black$ adj box$) same (encrypts or decrypts)) and ((blackS adj V <- T 7 
C ^ W3t ^ L/ 1 box$) same ((p rivates or publicS) with keyS) ) and @pd<= 1 99903 27 X 

DB=USPT; THES=ASSIGNEE; PLUR=YES; OP=OR 

L6 L5 and rights _ ^ 12 L6 

" — L5^|^L3jmd(^lack$ adj box$) same ((privates or publicS) with keyS)) J 16 L5 

L#T L3ariaTT * 1 L4 

ft- ((blackS adj box$) same (encrypts or decrypts)) and T _ 

r 5 @ad^l9990327 

^\^^>^l2^t^^nd ^^pt$ or decrypts) ^ 3 L2 

bL uwaidfrM LI ((blackS adj box$) with server) and @ad<=l 9990327 55 LI 

END OF SEARCH HISTORY 
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DialogClassic Web(tm) 



h11p://www.dialogclassio.com'maiiiv 




S ( (BLACK (W) BOX) (5N) SERVER) AND (ENCRYPT$ OR DECRYPT?) AND PD<=990327 



Your SELECT statement is: 

S ( (BLACK (W) BOX) (5N) SERVER) AND (ENCRYPT$ OR DECRYPT?) AND 
PD<=990327 




Items File 



Processing 

Examined 50 files 

Examined 100 files 

Examined 150 files 

Examined 200 files 

Examined 250 files 

Examined 300 files 

Examined 350 files 



No files have one or more items; file list includes 361 files. 
One or more terms were invalid in 198 files. 



DialogClassic Web(tm) 



http:/Avww.dialogclassic. conVmainv 




S ( (BLACK (W) BOX (W) SERVER) (S) (ENCRYPT? OR DECRYPT? ) ) AND PD<-990327 




Your SELECT statement isi ' 

S ((BLACK (W) BOX (W) SERVER) (S) (ENCRYPT? OR DECRYPT?)) AND PD<=990327 



I terns 



Examined 
Examined 
Examined 
Examined 
Examined 
Examined 
Examined 



File 

50 files 

100 files 

150 files 

200 files 

250 files 

300 files 

350 files 



No files have one or more items; file list includes 361 files. 
One or more terms were invalid in 198 files. 



DialogClassic Web(tm) 



http://www. dialo gclassic. conVmaiav 




S ( ( "BLACK- BOX" (W) SERVER) (S) (ENCRYPT? OR DECRYPT? ) ) AND PD<=990327 




Your SELECT statement is 

S ( ("BLACK -BOX" (W) SERVER) (S) (ENCRYPT? OR DECRYPT?)) AND PD<=990327 



Items 



Examined 
Examined 
Examined 
Examined 
Examined 
Examined 
Examined 



File 

50 files 

100 files 

150 files 

200 files 

250 files 

300 files 

350 files 



No files have one or more items; file list includes 361 files. 
One or more terms were invalid in 198 files. 
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L7: Entry 1 of 5 File: USPT Oct 6, 1998 

US-PAT-NO: 5818934 

DOCUMENT- IDENTIFIER: US 5818934 A 

TITLE: Method and apparatus for providing a cryptographically secure interface 
between the decryption engine and the system decoder of a digital television 
receiver 

DATE- ISSUED: October 6, 1998 
INVENTOR- INFORMATION : 

NAME CITY STATE ZIP CODE COUNTRY 

Cuccia; David William Hopewell Junction NY 

ASSIGNEE - INFORMATION : 

NAME CITY STATE ZIP CODE COUNTRY TYPE CODE 



Phillips Electronics North America New Y ork NY 

Corporation 

APPL-NO: 08/ 768489 [PALM] 
DATE FILED: December 18, 1996 

INT-CL: [06] H04 £ 1/H2, RDA K 1/.QA, BHA K JL/&6., HQA N l/lEJ. 

US-CL-ISSUED: 380/9; 380/10, 380/35, 380/36, 380/37 

US -CL- CURRENT: 380 / 228 , 2QQ/1&, 1&H/22., 7 13/192 

FIELD- OF -SEARCH: 380/9, 380/10, 380/35-37 

PRIOR- ART-DISCLOSED: 

U.S. PATENT DOCUMENTS 



02 



Search Selected \ | Search ALL \ 



PAT-NO ISSUE-DATE PATENTEE-NAME US-CL 

□ 4944006 July 1990 Citta et al . 380/20 

Q 553527R July 1996 Sugisaki et al . 380/10 

O 5689569 November 1997 Peyret 380/49 



ART-UNIT: 362 

PRIMARY-EXAMINER: Tarcza; Thomas H. 
ASSISTANT-EXAMINER: Sayadian; Hrayr A. 
ATTY-AGENT-FIRM: Gathman; Laurie E. 
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ABSTRACT : 



A method for providing a secure interface between a decryption engine and a system 
decoder of a digital receiver, e.g., an MPEG-2 digital television receiver. The 
system decoder receives an encrypted bitstream and produces a cipher text bitstream 
which is supplied to the decryption engine via a first parallel data bus which 
includes a plurality N of parallel bit lines corresponding to respective N bits of 
the cipher text bitstream. The decryption engine decrypts the cipher text bitstream 
and produces a plain text bitstream which is supplied to the system decoder via a 
second parallel data bus which includes a plurality N of parallel bit lines 
corresponding to respective N bits of the plain text bitstream. The method includes 
the steps of scrambling the bit order of the N bits of the cipher text bitstream on 
the respective N bit lines of the first data bus, to thereby produce a scrambled 
cipher text bitstream N-bits wide, descrambling the bit order of the N bits of the 
scrambled cipher text bitstream, to thereby produce a descrambled cipher text 
bitstream which is the same as the original cipher text bitstream, employing the 
decryption engine to decrypt the descrambled cipher text bitstream, to thereby 
produce the plain text bitstream, scrambling the bit order of the N bits of the 
plain text bitstream on the respective N bit lines of the second data bus, to 
thereby produce a scrambled plain text bitstream N-bits wide, and descrambling the 
bit order of the N bits of the scrambled plain text bitstream, to thereby produce a 
descrambled plain text bitstream which is the same as the original plain text 
bitstream. A digital receiver which implements this method is also disclosed. 

50 Claims, 1 Drawing figures 
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L7: Entry 4 of 5 



US-PAT-NO: 5513260 

DOCUMENT- IDENTIFIER: US 5513260 A 



File: USPT 



Apr 30, 1996 



TITLE: Method and apparatus for copy protection for various recording media 
DATE-ISSUED: April 30, 1996 



INVENTOR- INFORMATION : 
NAME 

Ryan; John O. 

ASSIGNEE- INFORMATION: 
NAME 

Macrovision Corporation 



APPL-NO: 08/ 267635 [PALM] 
DATE FILED: June 29, 1994 



CITY 

Cupertino 



STATE 
CA 



ZIP CODE 



COUNTRY 



CITY 



STATE ZIP CODE COUNTRY TYPE CODE 



Sunnyvale CA 



02 



INT-CL: [06] Gil B 23./2R, EDA L 
US-CL-ISSUED: 380/3; 380/5, 380/22, 369/44.33 

US-CL -CURRENT: 3_aO/2IHl; 1£D./&1, 263/44.33, 263/47 .12, 2£-S/53.21, 2fi£/2fll, 
ma /22 , 212./12A 

FIELD -OF -SEARCH : 380/3, 380/4, 380/5, 380/23, 380/25, 369/44.26, 369/44.33 
PRIOR-ART-DISCLOSED : 

U.S. PATENT DOCUMENTS 

| Search Selected jj J Search ALL j 





PAT -NO 


ISSUE -DATE 


PATENTEE -NAME 


US-CL 




4670AR7 


June 1987 


Rackman 


380/4 




4785361 


November 1988 


Brotby 


380/4 X 




4866769 


September 1989 


Karp 


380/4 




4891504 


January 1990 


Gupta 


360/60 




5159633 


October 1992 


Nakamura 


380/30 




<^794^ 


January 1995 


Yamagishi 


380/4 X 




^412718 


May 1995 


Narasimhalu et al. 


380/4 




R41 fiflR2 


May 1995 


Itami et al. 


380/4 



ART-UNIT: 222 



PRIMARY- EXAMINER: BaiMfc, Jr.; Gilberto 



ATTY- AGENT- FIRM: Brill; Gerow D. 
ABSTRACT : 

A method and apparatus for copyright protection for various recording media such as 
compact discs (CDs) uses a combination of symmetrical and asymmetrical data 
encryption to permit the player to handle either copy-protected or 
non- copy-protected media, in a manner that is extremely difficult to compromise. 
Coupled with the combination of encrypting methods, an Authenticating Signature is 
recorded on the media only when copy-protection is required. The nature of this 
Authenticating Signature is such that it will not be transferred to illicit copies 
made on CD recorders. When either an original protected or an original non-protected 
disk is played, the presence or absence of the Authenticating Signature causes the 
player to correctly decrypt the program data. All original CDs therefore play 
normally. When a copy of a non-protected CD is played, the absence of the 
Authenticating Signature also causes the player to correctly decrypt the program 
data. However, when a copy of a protected CD is played, the absence of the 
Authenticating Signature causes the player to generate false data which prohibits 
the disk from playing normally. 

25 Claims, 2 Drawing figures 
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L7: Entry 4 of 5 



File: USPT 



Apr 30, 1996 



DOCUMENT- IDENTIFIER : US 5513260 A 

TITLE: Method and apparatus for copy protection for various recording media 



n&TK T fifiTTE!D (1) : 

Detailed Description Text (3) : 

As mentioned earlier, it is desirable to be able to offer copy-protection to 
copyright holders on a prog ram -by -prog ram basis and to receive a per-program fee or 
a per-disk fee in return. This is accomplished in the Programmable Conditional Play 
System using a combination of symmetrical and asymmetrical (also known as 
piibl -i c-Tcey ^ dah a finrryphinn to permit the CD-player to handle either copy protected 
or non-copy-protected disks in a manner that is extremely difficult or prohibitively 
expensive and time consuming to compromise, using black boxes. 

Detailed Description Text (22) : 

1. Convert the doubl y encrypted program data recorded on all copy-protected disks to 
the singl y encrypted format required by CD-players when the Authenticating Signature 
is missing. To do this, the pirate must obtain the Secret Key P used in the disk 
mastering process, which as explained earlier can be closely guarded within a 
sealed, booby trapped unit located at the disk mastering plant. The pirate can 
readily access the doubly encrypted off disk data inside a CD-player. He may also 
access the partially decrypted and fully decrypted (clear) program data, along with 
keys K and Q, inside a CD-player. However, the essence of the asymmetrical 
encryption method is such that a pirate still does not have enough information to 
deduce the secret key P needed to generate the required singly encrypted program 
data. This compound encryption scheme thus permits selective protection of programs 
and is immune to black box attack. 
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End of Result Set 
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L7: Entry 5 of 5 



File: USPT 



Jun 5, 1984 



US-PAT-NO: 4453074 

DOCUMENT- IDENTIFIER: US 4453074 A 

TITLE: Protection system for intelligent cards 

DATE- ISSUED: June 5, 1984 



INVENTOR- INFORMATION : 
NAME 

Weinstein; Stephen B. 



CITY 
Summit 



STATE 
NJ 



ZIP CODE 



COUNTRY 



ASSIGNEE - INFORMATION : 

NAME CITY STATE ZIP CODE COUNTRY TYPE CODE 

American Express Company New York NY 02 

APPL-NO: 06/ 312705 [PAT.M] 
DATE FILED: October 19, 1981 

INT-CL: [03] G06K 5/00 

US-CL-ISSUED: 235/380; 235/381, 235/382 

US -CL- CURRENT: 705/66; 2J15./2ML, 22£/3£l, 23^/382, 380/281, 713/ 17 3, 9Q2/2£, 

202/5 

FIELD -OF -SEARCH : 235/379, 235/380, 235/381, 235/382, 178/22.08, 340/825.32 
PRIOR-ART-DISCLOSED: 

U.S. PATENT DOCUMENTS 



Search Selected 



Search ALL 



PAT -NO 



ISSUE -DATE 
September 1981 



PATENTEE -NAME 
Atalla 



US-CL 
235/380 X 



ART-UNIT: 214 

PRIMARY -EXAMINER: Pitts ; Harold I. 
ATTY-AGENT-FIRM: Gottlieb, Rackman and Reisman 



ABSTRACT : 

There is disclosed a protection system for intelligent cards. Each card has stored 
in it a code which is the encryption of a concatenation of a user secret password 
and a common reference text. The encryption is derived by an initialization terminal 
which uses the private key associated with the public key of a public-key 
cryptosystem key pair. Each transaction terminal with which a card is used decrypts 
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the stored code in ac^^-dance with the public key. A t^Rsaction is effected only if 
the stored code decrypts into the user password which is inputted on a keyboard and 
the common reference text. 



19 Claims, 7 Drawing figures 
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L7: Entry 5 of 5 File: USPT Jun 5, 1984 



DOCUMENT- IDENTIFIER: US 4453074 A 

TITLE: Protection system for intelligent cards 



DATTC TSSTTFT) (l) : 

Detailed Dfiscriptinn Text (18) : 

Just as a sophisticated forger is assumed to know the transformation F of FIG. 3A, 
he is assumed to know the public kpy E of FIG. 3B since there will be many 
transaction terminals in the field and it is a relatively simple matter to learn the 
puhl-ir: key . Suppose that the forger tries to do with the system of FIG. 3B something 
comparable to what he can do with the system of FIG. 3A, namely, to select an 
arbitrary identification number, to decryp t it using the known public key E, and to 
then use the dRnfypt-^d results in creating a "black—box" or forged card which can 
fool a transaction terminal. A terminal can be "fooled" only if the decryption 
results in a password and the message text AMERICAN EXPRESS. Should an arbitrarily 
selected identification number, after decryption with the puhl i r key E, indeed 
result in the message text AMERICAN EXPRESS in the proper place (e.g., at the end) 
and some additional arbitrary combination of letters and numerals, this latter 
combination would be the password which the forger could then use in his "black box" 
or to input on the keyboard. But the arbitrary selection of an identification number 
would have an infinitesimal probability of its decryption consisting of the 
predetermined message text in the right place, together with some arbitrary 
combination of characters. Thus knowing the public key E is not sufficient to allow 
a forger to select an identification number (the combination of a password and the 
message text AMERICAN EXPRESS, as encrypted by the secret key of the issuer) which 
will effect a transaction. The only way that an identification number can be 
selected which will decrypt with the public key into a password part and a 
predetermined message text part is if the private key is used in the encryption 
process, and the forger has no way of knowing the private key. 

Detailed Description Text (19) : 

It is essential that the result of the decrypt- i on consist of both' a password part 
and a predetermined reference text part. Were the encryption stored on the card to 
consist of a password only, the forger could select an arbitrary identification 
number, decrypt - i r wi r h the puhl i c key E, and use the result as his password; 
storage of the arbitrarily selected identification number in the "black box" to be 
used with a terminal as the pnrryphfid code on a card would always result in a 
successful comparison were the forger to input the password derived by using the 
public key E. Similarly, were the code on the card to consist of nothing more than 
the message text AMERICAN EXPRESS encrypted with the private key D, all the forger 
would have to do is to determine the same encryption which is stored on every card 
and to use it in his "black—box" . Decryption in any terminal with the public key E 
would necessarily result in the reference text AMERICAN EXPRESS. What is necessary 
for security is to store in a card the code which is an encryption, created with the 
private key D, of a combination of a password and a predetermined reference text. 
There is no way- -even with knowledge of the publ -i o key E--that a forger can select 
an arbitrary identification number, or encryption to be stored on a card, which will 
decrypt into some arbitrary password together with the predetermined reference text 
in the correct position in the concatenated strings. 
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L6: Entry 12 of 12 



File: USPT 



Jun 5, 1984 



DOCUMENT- IDENTIFIER: US 4453074 A 

TITLE: Protection system for intelligent cards 



Appl i rati nn Filing Date (1) : 
19811019 

Ft-Hef Summary Text (21) : 

The security of the present invention is precisely in its storage in the card of the 
encryption, using the issuer's private key, of a combination of a password unique to 
the user and a common reference text. It will no longer do the forger any good to 
start out with an arbitrary code. That arbitrary code (which the forger's 
unauthorized card would furnish to the terminal) must decrypt into two strings, one 
of which is the predetermined reference text AMERICAN EXPRESS. In accordance with 
the principles of public-key encryption, and assuming judiciously selected string 
lengths, the probability is infinitesimal of a forger selecting a random code which, 
when decrypted with the public key, has a predetermined substring in it. Were this 
to happen, the forger could look at the decrypted password/reference text 
combination, and see which password he would thereafter have to input to a terminal 
in order to effect both matches when his forged card inputs the random code which 
was tried in the first place. But the probability of an arbitrarily selected code 
being decrypted into a string, part of which is a predetermined reference text, is 
so negligible that the system is highly secure (certainly secure enough for 
commercial transactions.) The system is viable so long as the forger cannot 
determine the private key D which is the complement of the public key E stored in 
every transaction terminal. Without the private key, there is no technique of 
acceptable computational complexity which will specify a code which, when decrypted 
with the public key, will result in a string having a predetermined reference text 
as a substring. Even were some arbitrarily selected code decrypted into a string 
which would include as a part thereof the predetermined reference text AMERICAN 
EXPRESS, the predetermined reference text would have to occur in the right position 
in the overall decrypted password/reference text combination, and the probability of 
this happening is even more remote than that of guessing a code which will decrypt 
into an overall string which has the reference text AMERICAN EXPRESS in some 
arbitrary position. 

Detailed Deac-H pt i nn Tfixt (18) : 

Just as a sophisticated forger is assumed to know the transformation F of FIG. 3A, 
he is assumed to know the pnhl -i r key e of FIG. 3B since there will be many 
transaction terminals in the field and it is a relatively simple matter to learn the 
publir key . Suppose that the forger tries to do with the system of FIG. 3B something 
comparable to what he can do with the system of FIG. 3A, namely, to select an 
arbitrary identification number, to decrypt it using the known publ i c. key E, and to 
then use the decrypted results in creating a "black box" or forged card which can 
fool a transaction terminal. A terminal can be "fooled" only if the decryption 
results in a password and the message text AMERICAN EXPRESS. Should an arbitrarily 
selected identification number, after decryption with the public key E, indeed 
result in the message text AMERICAN EXPRESS in the proper place (e.g., at the end) 
and some additional arbitrary combination of letters and numerals, this latter 
combination would be the password which the forger could then use in his "black box" 
or to input on the keyboard . But the arbitrary selection of an identification number 
would have an infinitesimal probability of its decryption consisting of the 
predetermined message text in the right place, together with some arbitrary 
combination of characters. Thus knowing the public key E is not sufficient to allow 
a forger to select an identification number (the combination of a password and the 
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message text AMERICAli^KPRESS, as encrypted by the secWi key of the issuer) which 
will effect a transaction. The only way that an identification number can be 
selected which will Hprrypt: with th p piihlir kpy into a password part and a 
predetermined message text part is if the private key is used in the encryption 
process, and the forger has no way of knowing the private, key. 

npj-a-Mfiri nfifirription Text (19) : 

It is essential that the result of the decryption consist of both a password part 
and a predetermined reference text part. Were the encryption stored on the card to 
consist of a password only, the forger could select an arbitrary identification 
nnmhpr f fterrypt it with i-hp public key E, and use the result as his password; 
storage of the arbitrarily selected identification number in the "black box" to be 
used with a terminal as the pnrryphftri code on a card would always result in a 
successful comparison were the forger to input the password derived by using the 
pnhl i r k^y E. Similarly, were the code on the card to consist of nothing more than 
the message text AMERICAN EXPRESS encrypted with the, private key D, all the forger 
would have to do is to determine the same encryption which is stored on every card 
and to use it in his "hlackJaox" . nprryptinn in any terminal with the public key E 
would necessarily result in the reference text AMERICAN EXPRESS. What is necessary 
for security is to store in a card the code which is an encryption, created with the 
p-Hvat-e Vgy D, of a combination of a password and a predetermined reference text. 
There is no way—even with knowledge of the public key E--that a forger can select 
an arbitrary identification number, or encryption to be stored on a card, which will 
Hprrypt into some arbitrary password together with the predetermined reference text 
in the correct position in the concatenated strings. 

npt-ailprf npfirnpfinn Text (34) : 

FIG. 7 depicts the flow chart which characterizes operation of a transaction 
terminal. The first step involves inputting of the password by the card owner. 
Because card owners often input their respective passwords incorrectly, a card owner 
is given four attempts to key in his password in the correct manner. A count j is 
set equal to one and the terminal then requests, via the display, that the user 
input his password. The terminal then transmits the inputted password to the card 
where it is compared with the stored user password. The comparison is best performed 
on the card, rather than in the terminal, for security purposes so that there is no 
way for someone who has tampered with the terminal to gain access to the user 
password. If the inputted password does not agree with that on the card, count j is 
incremented, and it is then compared with a maximum count of five. If j equals five, 
it is an indication that a user has attempted to input a correct password four times 
and has failed. It is therefore assumed that he is not the card owner, and the whole 
process is aborted as shown in the flow chart of FIG. 7. On the other hand, if he 
has inadvertently entered the wrong password, he is given another three chances to 
get it right. As long as the correct password of the card user is entered correctly 
within four attempts, the processing continues. 
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L9: Entry 33 of 34 



File: DWPI 



Jul 19, 2001 



DERWENT-ACC-NO: 2001-496746 
DERWENT- WEEK : 200154 

COPYRIGHT 2003 DERWENT INFORMATION LTD 

TITLE: Digital rights management system operating on computing device when user 
requests an encrypted digital content to be rendered by the computer 

INVENTOR: GANESAN , K; LIU, D ; PEINADO, M 
PATENT-ASSIGNEE: MICROSOFT CORP (MICT) 



PRIORITY -DATA: 2000US- 05262 90 (March 15, 2000), 2000US- 176425P (January 14, 2000) 



PATENT -FAMILY: 
PUB -NO 

WO 200152021 Al 
AU 200069281 A 



PUB -DATE 
July 19, 2001 
July 24, 2001 



LANGUAGE PAGES MAIN- IPC 

E 126 G06F001/00 

000 G06F001/00 



DESIGNATED -STATES : AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ 
EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD 
MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU 
ZA ZW AT BE CH CY DE DK EA ES FI FR GB GH GM GR IE IT KE LS LU MC MW MZ NL OA PT SD 
SE SL SZ TZ UG ZW 



APPLICATION-DATA: 
PUB -NO 

WO 200152021A1 
AU 200069281A 
AU 200069281A 



APPL-DATE 
August 22, 2 000 
August 22, 2000 



APPL-NO 
2000WO-US23108 
2000AU-0069281 
WO 200152021 



DESCRIPTOR 



Based on 



INT-CL (IPC): GQ£ E 1/IH1 

RELATED - AC C -NO : 2001-522158 ; 2 001-522159 ; 20 01-596328 ,-2 001-5963 97 

ABSTRACTED-PUB-NO: WO 200152021A 
BASIC-ABSTRACT : 

NOVELTY - Uses a black box (30) in the digital rights management (DRM) system for 
performing decryption and p.nrryphinn functions. The black box contains identifier of 
computing device (14) and is tied to the computing device. 

DETAILED DESCRIPTION - The black box also contains at least one blank box pnbl H c 
key . The DRM system also contains digital license (16) corresponding to the digital 
content. The licence includes a decrypt- i on key (KD) for decrypting the, encrypted 
digital content. The decrypt ion key is encrypted arrnrding to a black box puhl i c key 
of the black box . The licence is tied to the black box r and the computing device. AN 
INDEPENDENT CLAIM is made for a method of operating DRM system when user requests 
that computer renders an encrypted digital content. 

USE - For enforcing rights in a digital content allowing access to encrypted digital 
content only in accordance with parameters specified by licence rights acquired by 
user. 
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ADVANTAGE - Enf orceme^W rights and method enforce righiBPin protected (secure) 
digital content available on a medium such as the Internet, an optical disk, et 



DESCRIPTION OF DRAWING (S) - Drawing is a block diagram showing an enforcement 
architecture in accordance with an embodiment of the present invention. 



Computing device 14 
Digital licence 16 
Black box 30 



Decryption key. KD 

ABSTRACTED-PUB-NO: WO 200152021A 
EQUIVALENT -ABSTRACTS : 

CHOSEN -DRAWING: Dwg.l/22 

DERWENT- CLASS: T01 

EPI-CODES: T01-C01A; T01-D01; T01-H01B1; T01-H01C2; T01-H07C5E; T01-J12C; 
T01-J20B2A; 
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L9: Entry 34 of 34 File: DWPI Oct 5, 2000 

DERWENT-ACC-NO: 2001-191170 
DERWENT-WEEK: 200242 

COPYRIGHT 2 003 DERWENT INFORMATION LTD 

TITLE : Black box obtaining method of digital rights management system in personal 
computer, by determining unique black box having public and private key pair to 
digital rights management system from black box server 

INVENTOR: ENGLAND, P; PEINADO, M ; VENKATESAN, R 



PATENT-ASSIGNEE: MICROSOFT CORP (MICT) 



PRIORITY-DATA: 2000US- 0482840 (January 13, 2000), 1999US-126614P (March 27, 1999), 
1999US-0290363 (April 12, 1999) 



PATENT - FAMILY : 
PUB -NO 

WO 200057684 A2 
AU 200033809 A 



PUB -DATE 
October 5, 2000 
October 16, 2000 



LANGUAGE 
E 



PAGES 

087 

000 



MAIN- IPC 

G06F007/00 

G06F007/00 
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ABSTRACT : 

The present invention provides systems and methods for secure transaction management 
and electronic rights protection. Electronic appliances such as computers equipped 
in accordance with the present invention help to ensure that information is accessed 
and used only in authorized ways, and maintain the integrity, availability, and/or 
confidentiality of the information. Such electronic appliances provide a distributed 
virtual distribution environment (VDE) that may enforce a secure chain of handling 
and control, for example, to control and/or meter or otherwise monitor use of 
electronically stored or disseminated information. Such a virtual distribution 
environment may be used to protect rights of various participants in electronic 
commerce and other electronic or electronic-facilitated transactions. Distributed 
and other operating systems, environments and architectures, such as, for example, 
those using tamper- resistant hardware -based processors, may establish security at 
each node. These techniques may be used to support an all-electronic information 
distribution, for example, utilizing the "electronic highway." 
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Number of Drawing Sheets: 146 
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PRIMARY- EXAMINER: Peeso; Thomas R. 



ASSISTANT-EXAMINER: Jack; Todd 
ATT Y- AGENT -FIRM: Foley & Lardner 

ABSTRACT : 

A software distribution system and a software utilization scheme for effectively 
preventing an illegal copy or a software is difficult while improving a convenience 
of a user. At a user side, a shared key to be shared between a software provider and 
a user is stored, where the shared key has a guaranteed correspondence with an ID 
information regarding a payment of a software fee by the user. Then, a desired 
software is requested to the software provider, and the desired software is received 
in an encrypted form from the software provider. The desired software received from 
the software provider is then decrypted by using the shared key stored at the user 
side, and the desired software in a decrypted form is utilized at the user side. 

20 Claims, 17 Drawing figures 
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Ftrief Summary Text (9) : 

As it has been quite difficult to resolve all these problems completely by means of 
the software alone, there has been a proposition of a system called 
super-distribution which presumes a use of some special hardware. Namely, this is a 
system which uses a hardware functioning a blank box that outputs some output data 
in response to an entered input data, while a content of this hardware itself cannot 
be analyzed even by the owner of this hardware. For example, it is possible to 
realize a scheme in which the encrypted data cannot be decrypted unless this 
function of a hi ark- boy is available, by means of the conventional cryptographic 
technique such as the pnhl -i r key cryptosystem. 

Rrief Summary Tfivh (12) : 

In FIG. 1, the left side represents a store which is offering the software for sale 
and the right-, side represents a customer who is trying to purchase the software. 
These store and customer are connected by a computer network (which will be 
abbreviated hereafter as a network) such as a telephone line or Internet. Note here 
that functions on the store side and functions on the customer side are basically to 
be realized by means of softwares . 

Rrief Su mmary Tpyt (20) : 

On the other hand, in a case of using a system which requires a complicatecl 
procedure such as an entry of a credit card number of a customer or a user ID or a 
password assigned to that customer in every occasion of the purchase, it is 
practically impossible to realize an elaborated charging scheme such as that for 
charging three yen for the tomorrow 1 s weather forecast (as a low value service will 
be disused when a procedure is complicated) . As a consequence, only expensive 
softwares could be distributed successfully and some software right owners could 
profit enormously while some other software r-i ght owners could not profit at all, so 
that the proper growth of the software distribution cannot be expected. 

Detailed Description Text (12) : 

FIG. 2 shows a typical configuration of a software distribution system in this first 
embodiment. In FIG. 2, the left side represents a store which sells a software, 
while the right side represents a customer who purchases the software, and the store 
and the customer are connected through a network. 

Detailed Description Text (58) : 

This core software unit 35 is the main portion of the computer program which cannot 
be operated completely in this form. Further functions can be added to this main 
portion by adding the encrypted software to this core software unit 35, in other 
words, even when the encrypted software is executed by a person who has no right to 
decrypt this encrypted software, not all the functions of the software can be 
realized. 

Detailed Description Text (75) : 

Moreover, the shared key is a key for use in the execution of the software as well 
as a key for use in the purchase of the software, so that it is both difficult as 
well as risky to make the illegal copy of the software, and consequently it becomes 
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pointless to commit t^Pillegal art so that the protec^^n of the copyright owner's 
right can be realized easily. 

npj-a-ilfirl F>P.gpri pt- i nn Tfixt (128) : 

In other words, even when this software is executed by a person who has no r i ght to 
decrypt this passive function file 437, not all the functions of the software can be 
realized. 
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ASSISTANT -EXAMINER: Sayadian; Hrayr A. 
ATTY-AGENT-FIRM: Brill; Gerow D. 



ABSTRACT : 

A video disc designed for providing security and tracking data in the rental video 
media market. Those new formats for video players and media allow for inclusion of 
security features which both allow tracking of rental of such media and prevent 
unauthorized rental thereof Each player includes a decision circuit which plays a 
particular optical disc only if a player identification number recorded on a special 
separate magnetic track on the optical disk is the same as the player identification 
stored in the player, and if a movie identification number optically read from the 
disc matches a movie identification number recorded on the special separate magnetic 
track. A corresponding apparatus is provided at the video rental store which, at the 
time of rental, records on a magnetic portion of the media in encrypted form the 
movie identification number and the number of the particular disc player for which 
that rental is intended. The authorization encryption uses the private key of a 
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public key system, ublic key and the modulus beii^J^re- recorded on the optical 

portion of the disc. 

2 Claims, 4 Drawing figures 
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Rppl irar ion Filing Date (1) : 
1 qQ7nfi21 

RriPf Summary Text (5) : 

As is well known, typically video tape cassettes or video discs containing 
prerecorded material such as movies are commercialized as follows. The owner of the 
copyrighted material on the video cassette or disc, i.e. the movie studio (" right s 
owner"), arranges for duplication of the movie onto a large number of video tape 
cassettes or discs. The video tape cassettes and discs are then sold by the movie 
studio to owners of video rental stores who then rent each video tape cassette or 
disc out as many times as they can, depending on demand. However, the owner of the 
video rental store only pays for each video tape cassette or disc once, because he 
has purchased it outright from the movie studio. Thus the bulk of the profits due to 
rental of such material accrue to the video rental store owner rather than to the 
movie studio. This is because the so-called "first sale doctrine" prevents the 
seller (the movie studio) of the video tape cassettes or discs from exercising any 
degree of control over the downstream commercialization (e.g., rental) of its 
products. This is the case even though the video material is copyrighted. 

Bripf Summary Text (6) : 

It has been frustrating to the H ghta owners (movie studios, etc.) that they are not 
able to better control and/or profit from the rental market for their movies and 
other program material. Various methods have been proposed to allow the rights 
owners to overcome the first sale doctrine and acquire some degree of control over 
the rental of, for instance, VHS video tape cassettes. 

Rripf Summary Tpyt (11) : 

It is to be understood that the video store owners interests in this regard are to. a 
large extent the same as those of the rights owners. If a reliable system could be 
found to share rental revenues between the rights owners and the video store owners, 
then thft rights owners would provide many more copies of each movie for rental to 
each store, hence increasing profits for both parties. 

Rrief Su mmary Text (15) : 

Implementation of the present security system requires that a significant proportion 
of the -Hght-.fi owners agree on the desirability of being able to better control 
commercial use of their copyrighted materials for the new formats, and as a 
consequence that the manufacturers of the players would be receptive to making 
compatible players in the expectation of increased support for their formats. 

Brief Summary Text (17) : 

The next attribute is a high level of system security; the present system is 
believed to be impossible (or prohibitively expensive on a practical basis) for 
unscrupulous video rental store owners (or hackers in collusion with video rental 
store owners) to cheat on or to compromise. Thus in accordance with the invention 
the rights owners can be confident that they are properly recompensed for rental 
activity. In the event of any security breach, in accordance with the invention it 
is possible quickly and inexpensively to recover from the breach and minimize 
resulting losses. Also, in accordance with the invention, there is tracking system 
security, in that particular right a owners are assured that transaction data 
relating to their particular video material (movie titles) is not accessible by 
others . 



Detailed Descr^p^ •inT^ Text (12) : 

This system provides the above described advantages. In terms of functionality, for 
transaction tracking information the electronic clock in the TTRD notes each disc's 
time and date of authorization and when it was returned to the rental store. 
Combined with the movie title and renter's player identification if desired, this is 
sufficient information to track rental activity. It is to be noted however that in 
certain embodiments of the invention the rental tracking features are not necessary 
and only the below-described security features are included. Thus in certain 
applications where the -rigbt.fi owner may for instance not require transaction 
information but merely wants security, the functionality of transaction tracking and 
the accompanying structures may be dispensed with. 

Detailed Description Text (15) : 

In order to prevent illicit transactions, that is to prevent a hacker from designing 
a "black—box" device to illicitly record authorization data on an authorization 
card, this data (the player and movie identification) is concatenated and encrypted 
and written on the authorization card (or on each disc) by the TTRD, using a publ i c 
key encryption system. Such systems are well known. The following is a brief review 
of pertinent encryption methods . 

Detailed Description Text (25) : 

A vital feature of a public key encryption system is that it is not possible to 
deduce what the encrypted data would be for a block of data which differs by as 
little as one bit from a block of data whose encrypted value is already known. In 
other words, knowing the encrypted data for an instruction to allow e.g. movie 
number 566 to play on a player with player ID 1289, would not allow a hacker to 
deduce what encrypted data would correspond to an instruction to allow movie number 
567 to play on the identical player. Thus the most a hacker could do would be to 
note the code sequence which authorizes playing a particular movie for a particular 
player and later reuse that same code sequence with the same customer desiring to 
rent the same movie at a later time. Thus at most such hacking would obtain for the 
unscrupulous rental store owner one additional rental without having to pay the 
rights owner for that one particular rental. The effort required to do this seems to 
vastly outweigh any likely financial gain and hence it would not be done. 

Detailed Description Text (26) : 

In terms of restricting access to transaction data, the system also uses in one 
embodiment a public key encryption system (not the same one as above in terms of the 
keys themselves) to report transactions. Thus each rights owner (e.g. movie studio) 
is assigned a unique private key/public key pair. Each TTRD stores the public key of 
each studio. Transaction data relating to a particular studio is encrypted within 
the TTRD prior to storage and transmission of same, using that studio's public key. 
Only the studio (or its agent) is provided with the corresponding private key needed 
to decrypt the transaction data. 

Detailed Description Text (28) : 

The TTRD in either embodiment includes a port and loading mechanism such as those of 
a DVD player. The authorization card and the disc are ejected in a few seconds and 
the first part of the transaction is automatically recorded. When later on the 
renter returns the disc (or soon thereafter) the employee again inserts the disc in 
the TTRD and indicates the return transaction on its keyboard interface. The final 
part of the transaction, i.e. the time of disc return, is now recorded and the disc 
is again ejected and replaced on the store shelves. The authorization card is merely 
returned for later reuse. Transaction reporting to the rights owner or its agent is 
done automatically, for instance via modem and telephone lines, at a convenient 
time. Transaction reporting may also be done by other well known means. Thus the 
effort required of the video rental store employee is only slightly greater than 
that required in existing rental stores using point of sale terminals to store 
customer information and bar code readers to check out and check in video tape 
cassettes or discs. 

Detailed Description Text (37) : 

The program identification in addition to being used for tracking also increases 
system security. That is, if there were no program identification, the only 
information recorded on the magnetic track of the disc would be the encrypted player 
number. Thus a hacker could breach the security of the system by reading the 
authorization card to obtain the code to authorize play, i.e. enable use of a 
particular player, by merely reading and recording the encrypted data pertaining to 
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hhat nlaver number ^ere is no need in this case f Ae hacker to decrypt this 
^rror'thrsamfpSyer? due*™ the nature of public key encryption systems. 
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ART-UNIT: 222 

PRIMARY-EXAMINER: Tarcza; Thomas H. 
ASSISTANT-EXAMINER: Sayadian; Hrayr A. 
ATTY-AGENT-FIRM: Brill; Gerow D. 

ABSTRACT : 

A video disc designed for providing security and tracking data in the rental video 
media market. Those new formats for video players and media allow for inclusion of 
security features which both allow tracking of rental of such media and prevent 
unauthorized rental thereof Each player includes a decision circuit which plays a 
particular optical disc only if a player identification number recorded on a special 
separate magnetic track on the optical disk is the same as the player identification 
stored in the player, and if a movie identification number optically read from the^ 
disc matches a movie identification number recorded on the special separate magnetic 
track. A corresponding apparatus is provided at the video rental store which, at the 
time of rental, records on a magnetic portion of the media in encrypted form the 
movie identification number and the number of the particular disc player for which 
that rental is intended. The authorization encryption uses the private key of a 
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public key system, th(J|ublic key and the modulus bein^J|re- recorded on the optical 
portion of the disc. 

2 Claims, 4 Drawing figures 
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Detailed DfiRrriphion Text (15) : 

In order to prevent illicit transactions, that is to prevent a hacker from designing 
a " hi ark box " device to illicitly record authorization data on an authorization 
card, this data (the player and movie identification) is concatenated and encrypted 
and written on the authorization card (or on each disc) by the TTRD, using a public 
key encryption system. Such systems are well known. The following is a brief review 
of pertinent encryption methods. 
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ABSTRACT : 

There is disclosed a protection system for intelligent cards. Each card has stored 
in it a code which is the encryption of a concatenation of a user secret password 
and a common reference text. The encryption is derived by an initialization terminal 
which uses the private key associated with the public key of a public-key 
cryptosystem key pair. Each transaction terminal with which a card is used decrypts 
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the stored code in ac^i-dance with the public key. A t^Jnsaction is effected only if 
the stored code decrypts into the user password which is inputted on a keyboard and 
the common reference text. 



19 Claims, 7 Drawing figures 
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PRIMARY- EXAMINER: Bar^K, Jr.; Gilberto 



ATTY-AGENT-FIRM: Brill; Gerow D. 
ABSTRACT : 

A method and apparatus for copyright protection for various recording media such as 
compact discs (CDs) uses a combination of symmetrical and asymmetrical data 
encryption to permit the player to handle either copy-protected or 
non- copy-protected media, in a manner that is extremely difficult to compromise. 
Coupled with the combination of encrypting methods, an Authenticating Signature is 
recorded on the media only when copy-protection is required. The nature of this 
Authenticating Signature is such that it will not be transferred to illicit copies 
made on CD recorders. When either an original protected or an original non-protected 
disk is played, the presence or absence of the Authenticating Signature causes the 
player to correctly decrypt the program data. All original CDs therefore play 
normally. When a copy of a non-protected CD is played, the absence of the 
Authenticating Signature also causes the player to correctly decrypt the program 
data. However, when a copy of a protected CD is played, the absence of the 
Authenticating Signature causes the player to generate false data which prohibits 
the disk from playing normally. 

25 Claims, 2 Drawing figures 
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Rppl -i rat- -inn Filing Date (1) : 
19940629 

Ftr-if>f Summary Text (8) : 

For the foregoing reasons, there is a need for a copy-protection system for the 
compact disc medium that provides a high level of protection to software ri ghtfl 
owners, that is immune to black boxes and that is not compromised by the refusal of 
a few hardware manufacturers to comply with the standard. 

Dfita-i le>ri Description Tpxh (2) : 

The present invention relates to a method and apparatus for copy-protecting various 
program distribution media, such as the compact disk medium. This invention is 
applicable to all disk media and the principles may be extended by one of ordinary 
skill in the art to other media such as magnetic tape. The invention offers a high 
level of protection to software rights owners, is immune to black boxes and will not 
be compromised by the refusal of a few hardware manufacturers to comply with the 
standard. 

Dpl-ailfir i np.grnpt-.inn Text (3) : 

As mentioned earlier, it is desirable to be able to offer copy-protection to 
copyright holders on a program- by -program basis and to receive a per-program fee or 
a per-disk fee in return. This is accomplished in the Programmable Conditional Play 
System using a combination of symmetrical and asymmetrical (also known as 
publ i r-key ) data_ejicr^ptJLan to permit the CD-player to handle either copy protected 
or non- copy-protected disks in a manner that is extremely difficult or prohibitively 
expensive and time consuming to compromise, using black boxes. 

Del-ailed npsnription Text (22) : 

1. Convert the doubly_ejicrypJted program data recorded on all copy-protected disks to 
the singly_encrypted format required by CD-players when the Authenticating Signature 
is missing. To do this, the pirate must obtain the Secret Key P used in the disk 
mastering process, which as explained earlier can be closely guarded within a 
sealed, booby trapped unit located at the disk mastering plant. The pirate can 
readily access the doubly pnrryphfid off disk data inside a CD-player. He may also 
access the partially Her-Typf-erf and fully decrypted (clear) program data, along with 
keys K and Q, inside a CD-player. However, the essence of the asymmetrical 
Rnr.r-ypt-ion method is such that a pirate still does not have enough information to 
deduce the secret key P needed to generate the required singly encrypted program 
data. This compound encryption scheme thus permits selective protection of programs 
and is immune to hi ark box attack. 
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DOCUMENT- IDENTIFIER: US 5940507 A 
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flhfitr-act Tevt (1) : 

A information processing system providing archive /backup support with privacy 
assurances by encrypting data stored thereby. Data generated on a source system is 
encrypted, the key used thereby is separately encrypted, and both the encrypted data 
and encrypted key are transmitted to and maintained by a data repository system. The 
repository system receives only the encrypted data and key, while the source system 
retains the ability to recover the key and in turn, the data. The source system is 
therefore assured of privacy and integrity of the archived data by retaining access 
control yet is relieved of the physical management of the warehousing medium. 

Application Filing Date (1) : 
1998Q128 

Brief Summary Text (10) : 

The present invention addresses the problem of privacy for archived data by 
providing the source organization with control over the data without burdening the 
reliability of retrieval with the problems caused by sequential overwrite. An 
encryption function applied to the archived data renders it in a form unintelligible 
to unauthorized observers. Encryption involves arithmetic manipulations of the data 
using a specific value called a key, which renders the data in an unintelligible 
form. This key bears a specific mathematical relationship to the data and the 
encryption algorithm being used. Returning the data to the original form involves 
applying the corresponding inverse function to the encrypted form. Without the 
proper key, however, it is very difficult to determine the inverse, or decryption, 
function. The security provided by encryption rests on the premise that with a 
sufficiently large key, substantial computational resources are required to 
determine the original data. Encrypting a file with a particular key, and then 
encrypting the key itself using a master key, therefore, allows another party to 
physically maintain and store the data while the originator, or source, of the data 
retains access control . Additional security and authentication measures can also be 
taken, such as further encrypting the key or the data at the server with a server 
key, and the use of cipher block chaining to impose dependencies among a sequence of 
file blocks. 

Rrief Summary Tpvf (H) : 

In accordance with the present invention, an archive server utilizes encryption 
techniques to maintain both security and integrity of stored data by maintaining a 
series of keys for each archived file, and encr-ypt-ing both the archived file, and 
the key to which it corresponds. The archive server manages the encrypted files and 
the corresponding encrypted keys, while the source organization maintains only the 
master key required to recover the individual encrypted keys. Through this 
arrangement, the source organization maintains control and assurances over access to 
the archived data, while the archive server manages the physical storage medium and 
performs individual encrypted file manipulation requests at the behest of the 
client. The archive server maintains access only to the encrypted data files and 
encrypted keys, effectively managing these files and keys as abstract black -hoy 
entities, without the ability to examine and interpret the contents. 

Brief Summary Text (12) : 

Three common transactions involving archived encrypted files are effected by the 
present invention. A source organization desiring to archive files periodically 
transfers files from its online repository, usually a fast access storage medium 
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such as a disk, to tl^Jarchive server. To retrieve arcSBRred information, a retrieval 
transaction indicating a particular file occurs. Finally, when an item is to be 
deleted, a deletion instruction implicating a particular file is issued to the 
archive server. 



Detailed Description Text ( 4 ) : 

An archive transaction for a file stored at the source system encompasses encrypt- -j on 
of the file on the source system using a secondary key, encryption of the secondary 
key on the source system using a master key, and transmission of the encrypted file 
and the associated encrypted key to the archive server. Transmission is electronic 
via computer network, or in alternative embodiments by physical delivery of a 
suitable magnetic medium. The archive server then stores the encrypted file on 
magnetic tape or another medium of long term storage, and stores the encrypted key 
along with an index to the tape containing the encrypted file. The master key used 
to encrypt the secondary key is retained on the source system. 

Detailed Description Text (5) : 

Referring to FIGS. 1 and 2, A file 10 to be archived is identified 100 within a fast 
access storage medium 12 of the source information system 8, and is sent to a 
cryptographic engine 14 . The present embodiment incorporates a disk drive as the 
fast access storage medium, although an alternative embodiment could use other modes 
of digital fixation, such as CD-ROM. The cryptographic engine 14 may be an 
application within the same node or an independent CPU, and may invoke specialized 
encryption hardware, depending on the encrypt ion method desired. Any of various 
known en crypt -i on methods could be employed. 

Detailed Description Text (6) : 

A key generator 16 then generates a secondary key 18 as shown in step 102, and uses 
this key to encrypt the file 10 as shown in step 104 to produce an encrypted file 
20, at step 106. The master encryption key 22 is then obtained in step 108 and used 
to encrypt the secondary key in 18, as shown at step 110, and produce an encrypted 
key 24, as indicated in step 112. Note that since the same master key is used to 
encrypt multiple secondary keys it need be generated only once and then reused for 
successive secondary keys. The encrypted file 20 and encrypted key 24 are then 
transmitted to the archive server at steps 116 and 118, respectively, while the 
master key 22 is retained at the source system 8 at step 114. Transmission may be 
accomplished via Internet 26, dialup connection 28, or in alternative embodiments, 
other means such as physical delivery of the storage medium. Encryption may be 
performed by any of various known methods, such as RSA, DES, and other permutations 
and may involve authentication and verification either through a trusted third party 
or mathematical methods. Such authentication and verification may involve cipher 
block chaining (CBC) , to perform an XOR on all or part of a previous block and use 
the resultant value in encrypting a successive block, or checksums such as cyclic 
redundancy checks (CRC) , MD4, and MD5, which accumulate all values in a particular 
block according to a mathematical formula to arrive at a value which is highly 
unlikely to be duplicated if data in the block is changed or lost. 

Detail ed De scri pti on Text (7) : 

Upon receipt of the encrypted file 20 and the encrypted key 24, the archive server 
3 0 writes the encrypted file 32 to a magnetic tape 36, or other medium of long term 
storage which is inexpensive and which need not encompass real time access, via tape 
drive 34 at step 120. The encrypted key 38 is then written to a tape index disk file 
40 at step 122, thereby associating the magnetic tape volume 36 with the encrypted 
file 32 and the encrypted key 38. In alternative embodiments, a further encryption 
operation may be performed at the archive server on the encrypted file 32 or the 
encrypted key 38 to add an additional layer of security. 

Detailed Description Text (8) : 

Recovery of a file is accomplished by the archive server referencing the index to 
obtain the encrypted key and the volume of the enorypi-ed file. The encrypted file is 
then retrieved from the volume, and both the encrypted file and encrypted key are 
transmitted back to the client. The client then recovers the file through the same 
two stage process used to encrypt- . First, the secondary key must be recovered by 
decrypting the encrypted key with the master. Second, the original file may be 
recovered by decryp ting the encrypted file with the secondary key. 

Detailed Description Text ( 9 ) : 

Referring to FIGS. 1 and 3, for file recovery the archive server searches the tape 
index disk file 40 at step 2 00 to lookup the encrypted key 44 and the location of 
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the magnetic tape voifl^l 36. The server then retrieves^Bne pnrrypi-prf key at step 202 
and retrieves the encrypted file 42 from long term storage via tape drive 34, as 
shown in step 204. The encrypted file 48 and encrypted key 46 are then transmitted 
back to the source system 8 as indicated by steps 206 and 208, respectively. 

Pet-ailed DPRrriphinn Tevt (10) : 

Once received by the source system 8, the master key 22 is used to decrypt the 
encrypted key 46 at step 210 and recover the secondary key 18, as shown in step 212. 
The secondary key 18 is then used to decrypt rhe encrypted file 48 as shown in step 
214 to produce the recovered file 50 which is identical to the original file 10, as 
indicated by step 216. 

Detailed Descri pt i nn Text (11) : 

File deletion involves searching the tape index disk file 40, for the entry 
corresponding to the file 10 marked for deletion. Rather than retrieving the key and 
volume, however, the encrypted key 44 is deleted and the storage area in the tape 
index disk file 40 overwritten with zero values. This overwriting is required to 
avoid future access to the encrypted key 44 through use of a sector level disk 
access, as many file systems merely flag a deleted area as available, and data 
physically remains unaltered until a subsequent write needs the available space. 
Elimination of the encrypted key effectively precludes future access to the contents 
of the archived file stored on magnetic tape without requiring physical modification 
to the archive volume; only the encrypted key is deleted. Therefore, there is no 
compromise of the integrity of adjacent entities on the tape, and no extraneous 
versions of sensitive data. 

Detailed npsrnpl-.inn Text (12) : 

Following overwrite of the encrypted key 44, the information in the encrypted file 
32 remains secure. No modification of the magnetic tape volume 36 is required, as 
the encryption ensures that the information remains unintelligible. 

Detailed Description Text (13) : 

Effectiveness of this method suggests that the encryption take place no more 
remotely than the limits of the source system organization's proprietary, or 
internal, network, as unprotected electronic transfers can also compromise the data. 
The dotted line 52 on FIG. 1 indicates the extent of unencrypted data and should 
represent no greater extent than the intranet of the originating entity. 

Detailed Description Teyt (14) : 

Master key generation is significant because recovery of a key allows recovery of 
the file that the key represents. Consequently, control over access and deletion to 
archived files is dependent upon control over the corresponding secondary keys. Each 
key, however, must be unique to the file to which it corresponds, otherwise, 
exposure of a key to decrypt a particular file compromises that key for all other 
files which that key covers. If the source system is required to maintain a separate 
key for all archived encrypted files, however, there is merely a shift in storage 
medium, as the key to each encrypted file, rather than the file, must be still be 
maintained. Encrypting individual secondary keys allows the keys to be maintained as 
securely as the files. The source system maintains a single master key, or several 
master keys covering different groups of secondary keys. Control of the archived, 
encrypted files is then focused through a master key. The archiving entity retains a 
set of all encrypted files, and maintains a mapping to the corresponding encrypted 
keys for which the source organization holds the master key. 

CLAIMS : 

1 . An electronic network for transferring data units among storage elements 
comprising : 

a communications link; 

a source information processing system at a first end of said communications link 
further comprising: 

a master encryption key; 

at least one secondary encryption key; 

a first memory for storing data units and said master and said at least one 
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secondary encryption ^ys; and 



an encryption engine for selectively encrypting said data units to produce encrypted 
data units using at least one of said secondary encryption keys, and for encrypting 
said at least one secondary encryption key with said master pnrryptinn key producing 
at least one encrypted key; and 

an archive server information processing system having at least one archive server 
key at a second end of said communications link comprising a second memory and in 
communication with said source information processing system, said archive server 
information processing system for receiving and storing said encrypted data units 
and said encrypted keys in said second memory wherein said archive server key is 
used to further encrypt said encrypted keys. 

6. The network as in claim 4 wherein said at least one encrypted key is stored in 
said first storage area within said second memory and said encrypted data units are 
stored in said second storage area within said second memory. 

9. The network as in claim 1 wherein said source information processing system 
further comprises a computer and said encryption engine is implemented by said 
computer executing an encryption application having said maste r encryption key, said 
at least one secondary key, and said data units as inputs and said encrypted data 
units and said at least one encrypted key as outputs. 

10 . The network as in claim 1 wherein said source information processing system 
further comprises a computer and said encryption engine is implemented by a circuit 
in communication with said computer, said circuit having said master encryption key, 
said at least one secondary encryption key, and said data units as inputs and said 
encrypted data units and said at least one encrypted key as outputs. 

12 . The network as in claim 1 wherein said data units comprise subdivisions 
comprising a plurality of blocks and said encryption is applied to said blocks 
wherein input to said encryption includes values from said plurality of blocks and 
the results of at least one previous encrypted block. 

13 . An electronic network for transferring data units among storage elements 
comprising : 

a communications link; 

a source information processing system at a first end of said communications link 
further comprising: 

a master encryption key; 

at least one secondary encryption key; 

a first memory for storing data units and said master and said at least one 
secondary encryption keys; and 

an encryption engine for selectively encrypting said data units to produce encrypted 
data units using at least one of said secondary encryption keys, and for encrypting 
said at least one secondary encryption key with said master encryption key producing 
at least one encrypted key; and 

an archive server information processing system having at least one archive server 
key at a second end of said communications link comprising a second memory and in 
communication with said source information processing system, said archive server 
information processing system for receiving and storing said encrypted data units 
and said encrypted keys in said second memory wherein said archive server key is 
used to further encrypt said encrypted data units. 

14 . A method for providing secure archive for data generated in a first memory 
within a source information processing system comprising the steps of: 

identifying data for archive within said first memory; 

obtaining a secondary encryption key; 
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encrypting said data ^^h said secondary encrypM nn kd^pto produce_ejacryptjed data; 
obtaining a master encryption key; 

encrypting said secondary enrrypt-.inn key with said master encrypt i nn key to produce 
an encrypted key; 

transmitting said encrypted data and encrypted key to an archive information system 
having a second memory; 

writing said encrypted data and said encrypted key to said second memory; and 
overwriting the portion of said second memory where said encrypted key is stored. 

20. The method according to claim 14 wherein said data is subdivided into a 
plurality of blocks and input to said encrypt- -in g includes the results of at least 
one previous encrypting of said blocks. 

21. A method for providing secure archive for data generated in a first memory 
within a source information processing system comprising the steps of: 

identifying data for archive within said first memory; 

obtaining a secondary encryption key; 

encrypting said data with said secondary encrypt i nn key to produce encrypted data; 
obtaining a master encryption key; 

encrypting said secondary encryption key with said master encryption key to produce 
an encrypted key; 

transmitting said encrypted data and encrypted key to an archive information system 
having a second memory and an archive server encryption key; 

further encrypting said encrypted key with said archive server encryption key; 
writing said encrypted data and said encrypted key to said second memory. 

22. A method for providing secure archive for data generated in a first memory 
within a source information processing system comprising the steps of: 

identifying data for archive within said first memory; 

obtaining a secondary encryption key; 

encrypting said data with said secondary encryption key to produce encrypted data; 
obtaining a master encrypt -i nn key; 

encrypting said secondary encryption key with said master encrypt -i on key to produce 
an encrypted key; 

transmitting said encrypted data and encrypted key to an archive information system 
having a second memory and an archive server encryption key; 

further encrypting said encrypted data with said archive server encryption key; 
writing said encrypted data and said encrypted key to said second memory. 

23. A method for providing secure archive for data generated in a first memory 
within a source information processing system comprising the steps of: 

identifying data for archive within said first memory; 

obtaining a secondary encryption key; 

encrypting said data with said secondary encryption key to produce encrypted data; 
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obtaining a master ej^J^ption key; 

encrypting said secondary encryption key with said master en crypt i on key to produce 
an encrypted key; 

transmitting said encrypted data and encrypted key to an archive information system 
having a second memory and an archive server encryption key; 

writing said encrypted data and said encrypted key to said second memory 

retrieving said encrypted data and said finrryphpfi key from said second memory of 
said archive information system; 

decrypting Raid encrypted key with said archive server encrypt -i on key; 

transmitting said encrypted data and said encrypted key from said archive 
information system to said source information processing system; 

decrypting said encrypted key with said master encryption key to recover said 
secondary key; and 

decrypting said encrypted data with said secondary key to recover said data. 

24 . A method for providing secure archive for data generated in a first memory 
within a source information processing system comprising the steps of: 

identifying data for archive within said first memory; 

obtaining a secondary encryption key; 

encrypting said data with said secondary encryption key to produce encrypted data; 
obtaining a master encryption key; 

encrypting said secondary encryption key with said master encryption key to produce 
an encrypted key; 

transmitting said encrypted data and encrypted key to an archive information system 
having a second memory and an archive server encryption key; 

writing said encrypted data and said encrypted key to said second memory; 

retrieving said encrypted data and said encrypted key from said second memory of 
said archive information system; 

decrypting Raid encrypted data with said archive server encryption key; 

transmitting said encrypted data and said encrypted key from said archive 
information system to said source information processing system; 

decrypting said encrypted key with said master encryption key to recover said 
secondary key; and 

decrypting s aid encrypted data with said secondary key to recover said data . 
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ABSTRACT: 

A method of synchronizing an interactive connection and a non- interactive data 
transfer connection between a client and a service provider, comprising: 

creating an interactive connection; 

creating a data transfer connection; and 

generating a session ID which is associated with the two connections. 
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R-Hpf Summary Tpyf (17) : 

A sixth aspect of some embodiments of the present invention is related to a process 
structure preferred for preferred embodiments of the invention Preferably, the 
service provider includes a WWW server, for the interactive session and an FTP 
server for the file upload session. Preferably, both flprvprs are standard commercial 
software products, so that, preferably, they can be controlled externally, as black 
boxes - Preferably, each of the FTP server and the WWW server run on different 
machines. In a preferred embodiment of the invention, the service provider includes 
a synchronizing process which supplies the unique session ID and synchronizes the 
operation of the FTP server and the WWW server. Alternatively or additionally, the 
customer software may be provided with a synchronizing process. Alternatively or 
additionally, at least part of the synchronization is achieved from a third 
location. In a preferred embodiment of the invention, the customer software includes 
a standard WWW browser. 

Detailed Description Text (22) : 

In a preferred embodiment of the invention, the step of receiving a unique session 
ID includes receiving a temporary user name and/or a password. Preferably, FTP 
client 12 uploads the image files, preferably to a unique location, using the 
provided user name and/or password. Additionally or alternatively, each uploaded 
file is associated with a unique session ID, preferably, by storing the file in a 
directory associated with the session ID or by appending the session ID to the name. 
In one preferred embodiment of the invention, the unique session ID is used to 
generate a unique user name and/or password. Alternatively, a bank of available user 
names may be used, from which a user name is cyclically selected. Thus, a user name 
will generally not be used simultaneously by two different customers. In some cases, 
especially when there are more active connections than user names, two customers 
will share a single user name. However, this should pose no problem, since files are 
still individually identified using their associated session IDs. Alternatively or 
additionally, the user name and/or the password are pnrTypi-prf in the session ED, 
preferably using a public key encryption scheme. Thus, unique identification of the 
owner of the connection can be assured. 
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ART-UNIT: 276 

PRIMARY- EXAMINER: Laufer; Pinchus M. 

ATTY- AGENT -FIRM: Weingarten, Schurgin, Gagnebin & Hayes LLP 
ABSTRACT : 

A information processing system providing archive /backup support with privacy 
assurances by encrypting data stored thereby. Data generated on a source system is 
encrypted, the key used thereby is separately encrypted, and both the encrypted data 
and encrypted key are transmitted to and maintained by a data repository system. The 
repository system receives only the encrypted data and key, while the source system 
retains the ability to recover the key and in turn, the data. The source system is 
therefore assured of privacy and integrity of the archived data by retaining access 
control yet is relieved of the physical management of the warehousing medium. 

24 Claims, 3 Drawing figures 



2 of 2 



6/25/03 2:20 



f 



Generate Collection 



Print 



Search Results - Record(s) 1 through 10 of 34 returned. 



□ 1. Document ID: US 20030105721 Al 

L9: Entry 1 of 34 File: PGPB 



Jun 5, 2003 



PGPUB- DOCUMENT -NUMBER: 20030105721 
PGPUB- FILING -TYPE: new 

DOCUMENT- IDENTIFIER: US 20030105721 Al 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 

PUBLICATION-DATE: June 5, 2003 



INVENTOR - INFORMATION : 
NAME 

Ginter, Karl L. 
Shear, Victor H. 
Spahn, Francis J. 
Van Wie, David M. 



CITY 

Beltsville 
Bethesda 
El Cerrito 
Sunnyvale 



STATE 

MD 

MD 

CA 

CA 



COUNTRY 

US 

US 

US 

US 



RULE- 4 7 



US -CL- CURRENT: 2£15./SA; 7 13/193 



'Tuir I" title "{"citation f Front [* Review { Classification [ Date { Reference ) Sequences] Attachments 
Draw. Desc | lmage~]^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^| 



□ 2. Document ED: US 20030088784 Al 

L9: Entry 2 of 34 File: PGPB May 8, 2003 

PGPUB -DOCUMENT -NUMBER: 20030088784 
PGPUB -FILING -TYPE : new 

DOCUMENT- IDENTIFIER: US 20030088784 Al 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 

PUBLICATION-DATE: May 8, 2 003 
INVENTOR- INFORMATION : 

NAME CITY STATE COUNTRY RULE -4 7 

Ginter, Karl L. Beltsville MD US 

Shear, Victor H. Bethesda MD US 

Spahn, Francis J. El Cerrito CA US 

Van Wie, David M. Eugene OR US 

US -CL- CURRENT: JZ13./iaa; 212l/1B2, 212/124 



1 of 5 



6/25/03 3:01 P^ 



Title | Citation | Froru-f' Review | Classification | Date | R ere re nee 



Draw Peso Image 



□ 3. Document ID: US 20030084306 Al 

L9: Entry 3 of 34 File: PGPB May 1, 2003 

PGPUB- DOCUMENT -NUMBER: 2 0030084306 
PGPUB -FILING -TYPE : new 

DOCUMENT- IDENTIFIER: US 20030084306 Al 

TITLE: Enforcement architecture and method for digital rights management system for 
roaming a license to a plurality of user devices 

PUBLICATION-DATE: May 1, 2003 

INVENTOR- INFORMATION : 

NAME CITY STATE COUNTRY RULE- 4 7 

Abburi, Rajasekhar Medina WA US 

Alkove, James M. Woodinville WA US 

McNeill, William P. Seattle WA US 

McKune, Jeffrey R. Issaquah WA US 

US - CL - CURRENT : 212./ 1AR; 70S /5Q 



Sequences Attachments 



Full | Title | Citation | Front | Review | Classification | Date | Referenc 
Image j^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^l 



□ 4. Document ID: US 20030078853 Al 

L9: Entry 4 of 34 File: PGPB 

PGPUB -DOCUMENT -NUMBER: 20030078853 
PGPUB - F I L ING - TYPE : new 

DOCUMENT- IDENTIFIER: US 20030078853 Al 

TITLE : Enforcement architecture and method for digital rights management 
PUBLICATION-DATE: April 24, 2003 
INVENTOR- INFORMATION : 



Apr 24, 2003 



NAME 


CITY 


STATE 


COUNTRY 


Peinado , Marcus 


Bellevue 


WA 


US 


Abburi , Raj asekhar 


Medina 


WA 


US 


Blinn, Arnold N. 


Bellevue 


WA 


US 


Jones, Thomas C. 


Redmond 


WA 


US 


Manferdelli, John L. 


Redmond 


WA 


US 


Bell, Jeffrey R.C. 


Seattle 


WA 


US 


Venkat e san , Ramaranthnam 


Redmond 


WA 


US 


England, Paul 


Bellevue 


WA 


US ' 


Jakubowski, Mariusz H. 


Bellevue 


WA 


US 


Yu, Hai Ying (Vincent) 


Bellevue 


WA 


US 



RULE-47 



US -CL- CURRENT: 1H5./2R 



2 of 5 



6/25/03 3:01 P^ 



Full 



Title ] C rtation | From-/f' Review j Classification""]""" Date | Reference 



Attachments 



■JimiUMIMIJl 



□ 5. Document ID: US 20030028488 Al 

L9: Entry 5 of 34 



File: PGPB 



Feb 6, 2003 



PGPUB- DOCUMENT -NUMBER : 20030028488 
PGPUB- FILING-TYPE: new 

DOCUMENT- IDENTIFIER: US 20030028488 Al 

TITLE: Supervised license acquisition in a digital rights management system on a 
computing device 

PUBLICATION-DATE: February 6, 2 003 
INVENTOR- INFORMATION : 

NAME CITY STATE COUNTRY 

Mohammed, Sohail Baig North Bend WA US 

Olson, Kipley J. Seattle WA US 

McKune, Jeffrey R. Issaquah WA US 

Ganesan, Kr i shnamurthy Redmond WA US 



RULE - 4 7 



US -CL- CURRENT: 705 /59 



Sequences I Attachments 



Full I Title |- Citation I Front | Review j Classification | Dat- 
Draw [>e/T~Pi7naq^i^^^^^^^^^^^^^H^^^^^^^^^| 



□ 6. Document ID: US 20030014655 Al 

L9: Entry 6 of 34 File: PGPB Jan 16, 2003 

PGPUB -DOCUMENT -NUMBER: 20030014655 
PGPUB -FILING- TYPE: new 

DOCUMENT- IDENTIFIER: US 20030014655 Al 

TITLE: Protecting decrypted compressed content and decrypted decompressed content at 
a digital rights management client 

PUBLICATION-DATE: January 16, 2003 

INVENTOR- INFORMATION : 

NAME CITY STATE COUNTRY RULE -47 

England, Paul Bellevue WA US 

Peinado, Marcus Bellevue WA US 

Sankaranarayan, Mukund Issaquah WA US 

US -CL- CURRENT: 71 1 / 200 



Full | Title | Citat ion | Front [ Review [ Classification [ Date j Reference | Sequences | Attachments 
Craw. Desc | Irnagej^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^H 



□ 7. Document ID: US 20020169974 Al 



3 of 5 



6/25/03 3:01 P* 



L9: Entry 7 of 34 



File: PGPB 



Nov 14, 2002 



PGPUB- DOCUMENT -NUMBER : 20020169974 
PGPUB- FILING -TYPE : new 

DOCUMENT- IDENTIFIER: US 20020169974 Al 

TITLE: Detecting and responding to a clock rollback in a digital rights management 
system on a computing device 

PUBLICATION-DATE: November 14, 2002 



INVENTOR- INFORMATION : 
NAME 

McKune, Jeffrey R. 



CITY 

Issaquah 



STATE 
WA 



COUNTRY 
US 



RULE-47 



US -CL- CURRENT: 71 3/2QQ 



Citation [ Front | Review j Classification f Date j Reference | Sequences [ Attachments 



Draw Desc Image I 



□ 8. Document ID: US 200201 12171 Al 

L9: Entry 8 of 34 File: PGPB 



Aug 15, 2002 



PGPUB -DOCUMENT -NUMBER: 20020112171 
PGPUB -FILING -TYPE: new 

DOCUMENT- IDENTIFIER: US 20020112171 Al 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 

PUBLICATION-DATE: August 15, 2002 



INVENTOR- INFORMATION : 
NAME 

Ginter, Karl L. 
Shear, Victor H. 
Spahn, Francis J. 
Van Wie, David M. 



CITY 

Beltsville 
Bethesda 
El Cerrito 
Eugene 



STATE 

MD 

MD 

CA 

OR 



COUNTRY 

US 

US 

US 

US 



RULE-47 



US -CL- CURRENT: U3./1BR; ZQ5/5JL, 212./ 2n& 



Classification | Date | Reference Sequences 



Drawn Desc Image ! 



□ 9. Document ID: US 20020048369 Al 

L9: Entry 9 of 34 File: PGPB Apr 25, 2002 

PGPUB - DOCUMENT - NUMBER : 20020048369 
PGPUB -FILING- TYPE: new 

DOCUMENT- IDENTIFIER: US 20020048369 Al 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 

PUBLICATION-DATE: April 25, 2002 



4 of 5 



6/25/03 3:01 P^ 



INVENTOR- INFORMATION : 








w 


NAME 




CITY 


STATE 


COUNTRY 


Ginter, Karl L. 




Beltsville 


MD 


US 


Shear, Victor H. 




Bethesda 


MD 


US 


Sibert, W. Olin 




Lexington 


MA 


US 


Spahn, Francis J. 




El Cerrito 


CA 


US 


Van Wie, David M. 




Eugene 


OR 


US 



RULE -4 7 



US -CL- CURRENT: 2£U/222; 3££/2A£, 213./151, 212./ ISA 



Full | Title | Citat ion [ Front [ Review | Classification [ i> ate j Reference | Sequences | Attachment's 
[■raw. Desc [ Irnage*]^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^] 



□ 10. Document ID: US 20020019814 Al 

L9: Entry 10 of 34 File: PGPB Feb 14, 2002 

PGPUB - DOCUMENT - NUMBER : 20020019814 
PGPUB- FILING- TYPE : new 

DOCUMENT- IDENTIFIER: US 20020019814 Al 

TITLE: Specifying rights in a digital rights license according to events 
PUBLICATION-DATE: February 14, 2 002 
INVENTOR- INFORMATION : 

NAME CITY STATE COUNTRY RULE- 4 7 

Ganesan, Krishnamurthy Redmond WA US 

US -CL- CURRENT: 705 /59; 705 /57, 7 07 /ia, 7 07 /£ 




Generate Collection \ I Print 



Terms 


Documents 


L8 and @pd>=l 9990327 j 


34| 



Display Format : I - 



Change Format 



Previous Page Next Page 



5 of 5 



6/25/03 3:01 P* 



Record List Display http;//westbrs:800^irygate.exe?f=TOC&state=3jlgbc. 1 3&ref^6&dbnaro=USPT&ESNAM 




Search Results - Record(s) 1 through 10 of 12 returned. 




1. Document ID: US 6253193 Bl 



L6: Entry 1 of 12 File: USPT ' Jun 26, 2001 

US-PAT-NO: 6253193 

DOCUMENT- IDENTIFIER: US 6253193 Bl 

** See image for Certificate of Correction ** 

TITLE: Systems and methods for the secure transaction management and electronic 
rights protection 



Draw. Desc j Iraaga j| 



Front j Review J Classification | Da 



^ O 2. Document ID: US 6195432 Bl 

L6: Entry 2 of 12 File: USPT Feb 27, 2001 

US-PAT-NO: 6195432 

DOCUMENT -IDENTIFIER: US 6195432 Bl 

TITLE: Software distribution system and software utilization scheme for improving 
security and user convenience 



■ Citation j Front I Review j: Classification j - Djte : j -Reference-! Sequences-] -Attachments- j 



AO 3. Document ID: US 5982891 A 

L6: Entry 3 of 12 File: USPT Nov 9, 1999 

US-PAT-NO: 5982891 

DOCUMENT- IDENTIFIER: US 5982891 A 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 




J^U 4. Document ID: US 5949876 A 

L6: Entry 4 of 12 File: USPT 



Sep 7, 1999 



Record List Display http://westbrs: 8002/bin'gate. exe?f=TOC&state=3jlgbc. 1 3 &ref=6&dbnan»=USPT&ESNAM 




US-PAT-NO: 5949876 

DOCUMENT- IDENTIFIER : US 5949876 A 

** See image for Certificate of Correction ** 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 




5. Document ID: US 5917912 A 

L6: Entry 5 of 12 File: USPT 



Jun 29, 1999 



US-PAT-NO: 5917912 

DOCUMENT- IDENTIFIER: US 5917912 A 

TITLE: System and methods for secure transaction management and electronic rights 
protection 



Front I Review I Classification I Date I Reference 



AO 6. Document ID: US 5915019 A 

L6: Entry 6 of 12 File: USPT Jun 22, 1999 

US-PAT-NO: 5915019 

DOCUMENT- IDENTIFIER: US 5915019 A 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 




A 



O 7. Document ID: US 5910987 A 

L6: Entry 7 of 12 File: USPT 



Jun 8, 1999 



US-PAT-NO: 5910987 

DOCUMENT- IDENTIFIER: US 5910987 A 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 



F io nt | Review j Classification j Date j Reference j Sequences j Attachments 



O 8. Document ID: US 5892900 A 

L6: Entry 8 of 12 File: USPT 



Apr 6, 1999 



Record List Display http://westta:8002ftii^ 




US-PAT-NO: 5892900 

DOCUMENT- IDENTIFIER: US 5892900 A 

TITLE: Systems and methods for secure transaction management and electronic rights 
protection 




O 9. Document ID: US 5754649 A 

L6: Entry 9 of 12 File: USPT 

US-PAT-NO: 5754649 

DOCUMENT- IDENTIFIER: US 5754649 A 



May 19, 1998 



B^ti 



TITLE J Video media security and tracking system 



Fuii | Titi* i Citation : Front j Review j Classification 



e i Reference I Sequences | Attachments 



voof O\10. Document ID: US 5754648 A 

obv»fritdiL6 :] Entry 10 of 12 File: USPT 

US-PAt/nO: 5754648 

DOCUMENT- IDENTIFIER: US 5754648 A 

TITLE I Video media security and tracking system 



May 19, 1998 



..Full, j Title j Citation j Front j Review [Classification {■ Date | Rsfersnce |-£>5C 



.Draw : D esc- j Image 



^uences i Attach tmris 



Generate Collection 



Terms 


Documents 




|L5 and rights 




1211 



Display Format : [ti_J j Change Format 
Previous Page Next Page 



Record List Display 



http://westbrs: 8002ftii^cgi-biiyaccum_que 



| Generate Collection \ | Print 1 
Search Results - Record(s) 1 1 through 12 of 12 returned. 



Apr 30, 1996 



_ QP U' Document ID: US 5513260 A 

L6: Entry 11 of 12 File: USPT 

US-PAT-NO: 5513260 

^CUMENT- IDENTIFIER: US 5513260 A 

TITLE: Method and apparatus for copy protection for various recording media 



* \ Rsfersno* j Sequences 1 Attachments 



O 12. Document ID: US 4453074 A 

L6: Entry 12 of 12 File: USPT 

US-PAT-NO: 4453074 

DOCUMENT- IDENTIFIER: US 4453 074 A 

TITLE: Protection system for intelligent cards 



Jun 5, 1984 



Fuil 1 Tit: 


e i -.Citation j Front 


Review 


1 Glass fiction j "'Date j R> 


ifsr&RC* i Ssqus 


Drauu. Desc 


: -lrnaae i^^^^^B 









: AUschments 



;| Terms 


Documents 




i[L5 and rights 




12!! 



Display Format : [ ti \ 

Previous Page 



Change Format 
Next Page 




Your wildcard search against 10000 terms has yielded the results below. 
Your result set for the last L# is incomplete. 
The probable cause is use of unlimi ted truncation. Revise your search strategy to use limited truncation. 



Generate Collection 



Print 



Search Results - Record(s) 1 through 5 of 5 returned. 



1. Document ID: US 58 18934 A 



Entry 1 of 5 



File: USPT 



Oct 6, 1998 



-PAT-NO: 5818934 
UMENT- IDENTIFIER: US 5818934 A 



TITLE: Method and apparatus for providing a cryptographically secure interface 
between the decryption engine and the system decoder of a digital television 
re ceiver 



f u i! ;: : j Tit'i e j C ftstio nT Front [ R eview ] C\as< if ics tio n j 6 ate | R ef s r* n I iequsncss j AltSChsnents 
Draw. Desc ! Image] 



4^ 



□ 2. Document ID: US 5754649 A 

L7: Entry 2 of 5 File: USPT 



May 19, 1998 



US-PAT-NO: 5754649 

DOCUMENT- IDENTIFIER: US 5754649 A 
TITLE: Video media security and tracking system 




Review j Classification I Dat* j Reference j Sequences 



3. Document ID: US 5754648 A 

L7: Entry 3 of 5 File: USPT 



May 19, 1998 



US-PAT-NO: 5754648 

DOCUMENT- IDENTIFIER: US 5754648 A 



TITLE: Video media security and tracking system 



Record List Display http://westhra:8002^ 

O 4. Document ID: US 5513260 A 

_,7: Entry 4 of 5 File: USPT Apr 30, 1996 

US/P#T-NO: 5513260 
DOCUMENT- IDENTIFIER: US 5513260 A 

TffTLE: Method and apparatus for copy protection for various recording media 

V 

\ O 5. Document ID: US 4453074 A 

^/L7: Entry 5 of 5 File: USPT Jun 5, 1984 

US-PAT-NO: 4453074 

DOCUMENT- IDENTIFIER: US 4453074 A 
TITLE: Protection system for intelligent cards 



[ Title; j Cftation j Front j Review [ Classification j Date j Rsfsranc* j Sequences j Attachments 



Drauu Desc j Image j 




I Generate Collection !; Print 



Terms Documents! 



j ((black$ adj box$) same (encrypt$ or decrypt$)) and ((black$ adj 
I box$) same ((private$ or public$) with key$)) and @pd<=19990327 



Display Format : ( - l Change Format 

1 * " — >m«wowmw^ ?v.v.\v.\w.v.v.>/.v/.v.v.v.v.v.v.sv.v.v.v.v.v. 

Previous Page Next Page 



Record Display Form 



http://westbrs:8002ftin'gate.exe?^^ 



# 






Generate Collection I j Print 



L7: Entry 1 of 5 



File: USPT 



Oct 6, 



1998 



DOCUMENT -IDENTIFIER: US 5818934 A 

TITLE: Method and apparatus for providing a cryptographically secure interface 
between the decryption engine and the system decoder of a digital television 
receiver 



DATE ISSUED (1) : 
19981006 

Brief Summary Text (4) : 

In public key encryption systems for digital television systems (and other types of 
digital data delivery systems) , the decryption engine decrypts the encrypted 
television signal received by the digital television receiver in accordance with the 
corresponding decryption algorithm, using both a public key which depends upon the 
particular encryption algorithm employed, and a private key which is unknown and 
concealed within the decryption engine. The integrity of the security afforded by 
such systems depends upon preservation of the secrecy of the private key . If a 
pirate (attacker) is able to discover the private key, then it becomes a routine 
matter for the skilled pirate (an individual or company which has the capability to 
reverse engineer the decoder and decryption chips in the set-top box) to make other 
"bootleg" decryption chips and then incorporate them into " black boxes " that enable 
the reception of programming by a non-subscriber (i.e., a person who does not pay 
any subscription fees to the service provider) . 

Brief Summary Text (5) : 

In encryption systems for digital television systems (and other types of digital 
data delivery systems) , there are two levels of encryption used public key 
encryption, and private key encryption . The bulk of the data is encrypted using a 
private key encryption (e.g. block ciphers like DES) , owing to the speed of private 
key encryption . Sessions of the data transmission (typically, a session is several 
milliseconds of transmitted data) are encrypted with the block cipher using 
different private keys, called session keys ; each session has its own private key . 
The session keys themselves are typically encrypted with a public key encryption 
system, wherein only the user holding the user private key of the public key system 
can decrypt, and thereby recover, the session key, which session key is used for 
decrypting the session of the transmitted data. The integrity of the security 
afforded by such a system depends mainly on the preservation of the secrecy of the 
user private key, and to a some extent on the secrecy of any one session key . If a 
pirate (attacker) is able to discover the user private key, then it becomes a 
routine matter for the skilled pirate (an individual or company which has the 
capability to reverse engineer the decoder and decryption chips in the set-top box, 
or digital data receiver) to make other "bootleg" decryption chips and then 
incorporate them into " black boxes " that enable the reception of programming by a 
non-subscriber (i.e., a person who does not pay any subscription fees to the service 
provider) . 
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